package com.nnnu.wsnackshop.controller.admin;


import com.nnnu.wsnackshop.constant.MessageConstants;
import com.nnnu.wsnackshop.pojo.dto.AdminUserPageDTO;
import com.nnnu.wsnackshop.pojo.dto.AdminUserSaveDTO;
import com.nnnu.wsnackshop.pojo.vo.AdminUserVO;
import com.nnnu.wsnackshop.result.PageResult;
import com.nnnu.wsnackshop.result.Result;
import com.nnnu.wsnackshop.service.IUsersService;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.enums.ParameterIn;
import io.swagger.v3.oas.annotations.tags.Tag;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.authz.annotation.Logical;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.springdoc.core.annotations.ParameterObject;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;

import java.util.List;

/**
 * <p>
 * 用户表 前端控制器
 * </p>
 *
 * @author zk
 * @since 2025-05-14
 */
@RestController("adminUsersController")
@RequestMapping("/api/admin/users")
@Slf4j
@Validated
@Tag(name = "管理端用户接口")
@RequiredArgsConstructor
public class UsersController {
    private final IUsersService userService;

    @Operation(summary = "分页查询用户", description = "仅 superAdmin 或 admin 且拥有 user:read 权限可访问")
    @GetMapping
    @RequiresRoles(value = {"superAdmin", "admin"}, logical = Logical.OR)
    @RequiresPermissions("user:read")
    public Result<?> pageUsers(@Validated @ParameterObject AdminUserPageDTO dto) {
        PageResult<AdminUserVO> page = userService.pageUsers(dto);
        return Result.success(page, MessageConstants.SELECT_OK);
    }

    @Operation(summary = "获取用户详情", description = "仅 superAdmin 或 admin 且拥有 user:read 权限可访问")
    @GetMapping("/{id}")
    @RequiresRoles(value = {"superAdmin", "admin"}, logical = Logical.OR)
    @RequiresPermissions("user:read")
    public Result<?> getUser(@PathVariable @Parameter(description = "用户ID", in = ParameterIn.PATH) Long id) {
        AdminUserVO vo = userService.getUserDetail(id);
        return Result.success(vo, MessageConstants.SELECT_OK);
    }

    @Operation(summary = "创建新用户", description = "仅 superAdmin 或 admin 且拥有 user:create 权限可访问")
    @PostMapping
    @RequiresRoles(value = {"superAdmin", "admin"}, logical = Logical.OR)
    @RequiresPermissions("user:create")
    public Result<?> createUser(@Validated @RequestBody @Parameter(description = "用户信息") AdminUserSaveDTO dto) {
        log.info("管理员创建用户：{}", dto);
        userService.createUser(dto);
        return Result.success(MessageConstants.ADD_OK);
    }

    @Operation(summary = "更新用户信息", description = "仅 superAdmin 或 admin 且拥有 user:update 权限可访问")
    @PutMapping("/{id}")
    @RequiresRoles(value = {"superAdmin", "admin"}, logical = Logical.OR)
    @RequiresPermissions("user:update")
    public Result<?> updateUser(@PathVariable @Parameter(description = "用户ID", in = ParameterIn.PATH) Long id, @Validated @RequestBody AdminUserSaveDTO dto) {
        log.info("管理员更新用户(id={})：{}", id, dto);
        userService.updateUser(id, dto);
        return Result.success(MessageConstants.OPERATION_SUCCESSFUL);
    }

    @Operation(summary = "批量删除用户", description = "仅 superAdmin 或 admin 且拥有 user:delete 权限可访问")
    @DeleteMapping
    @RequiresRoles(value = {"superAdmin", "admin"}, logical = Logical.OR)
    @RequiresPermissions("user:delete")
    public Result<?> deleteUsers(@RequestParam @Parameter(description = "用户ID列表", in = ParameterIn.QUERY) List<Long> ids) {
        log.info("管理员批量删除用户：ids={}", ids);
        userService.deleteUsers(ids);
        return Result.success(MessageConstants.OPERATION_SUCCESSFUL);
    }
}


